diff options
author | Nick Thomas <nick@gitlab.com> | 2019-05-16 12:48:38 +0300 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2019-05-16 12:48:38 +0300 |
commit | ef7fff4fa64c9cb3ca57faef3f26fa59f4f51ecb (patch) | |
tree | 1f9cd9f7b4369cf457d56a74fe24eb5e1a273c42 /main.go | |
parent | 656dfa25f02513e2b0c489ca88887f10a72299e6 (diff) | |
parent | 0d97132056ac751d2841e35466225fbff6ad727e (diff) |
Merge branch '150-disable-insecure-ciphers' into 'master'
Disable 3DES and other insecure cipher suites
Closes #150
See merge request gitlab-org/gitlab-pages!145
Diffstat (limited to 'main.go')
-rw-r--r-- | main.go | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -51,6 +51,7 @@ var ( clientSecret = flag.String("auth-client-secret", "", "GitLab application Client Secret") redirectURI = flag.String("auth-redirect-uri", "", "GitLab application redirect URI") maxConns = flag.Uint("max-conns", 5000, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners") + insecureCiphers = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4") disableCrossOriginRequests = flag.Bool("disable-cross-origin-requests", false, "Disable cross-origin requests") @@ -82,6 +83,7 @@ func configFromFlags() appConfig { config.LogFormat = *logFormat config.LogVerbose = *logVerbose config.MaxConns = int(*maxConns) + config.InsecureCiphers = *insecureCiphers for _, file := range []struct { contents *[]byte @@ -194,6 +196,7 @@ func appMain() { "default-config-filename": flag.DefaultConfigFlagname, "disable-cross-origin-requests": *disableCrossOriginRequests, "domain": config.Domain, + "insecure-ciphers": config.InsecureCiphers, "listen-http": strings.Join(listenHTTP, ","), "listen-https": strings.Join(listenHTTPS, ","), "listen-proxy": strings.Join(listenProxy, ","), |